I’ve posted notes here about the Top500 project, which publishes a semi-annual list of the world’s fastest computer systems, most recently following the last update to the list, in November 2012.

An article at Ars Technica reports that the IBM Roadrunner system, located at the US Department of Energy’s Los Alamos National Laboratory, will be decommissioned and, ultimately, dismantled. The Roadrunner was the first system whose performance exceeded a petaflop (1 petaflop = 1 × 1015 floating point operations per second). It held the number one position on the Top 500 list from June, 2008 through June 2009; it was still ranked number two in November, 2009. The Roadrunner system contained 122,400 processor cores in 296 racks, covering about 6,000 square feet. It was one of the first supercomputer systems to use a hybrid processing architecture, employing both IBM PowerXCell 8i CPUs and AMD Opteron dual-core processors

The system is being retired, not because it is too slow, but because its appetite for electricity is too big. In the November 2012 Top 500 list, Roadrunner is ranked at number 22, delivering 1.042 petaflops and consuming 2,345 kilowatts of electricity. The system ranked as number 21, a bit faster at 1.043 petaflops, required less than half the power, at 1,177 kilowatts.

It will be interesting to see how the list shapes up in June, the next regular update.

One of the hardy perennial issues that comes up in discussions of our ever more wired (and wireless) lives is personal privacy. Technology in general has invalidated some traditional assumptions about privacy. For example, at the time the US Constitution was being written, I doubt that anyone worried much about the possibility of having a private conversation. All anyone had to do, in an age before electronic eavesdropping, parabolic microphones, and the like, was to go indoors and shut the door, or walk to the center of a large open space. It might be somewhat more difficult to conceal the fact that some conversation took place, but it was relatively easy to ensure that the actual words spoken were private.

Similarly, before the advent of computer data bases, getting together a comprehensive set of information about an individual took a good deal of work. Even records that were legally public (e.g., wills, land records) took some effort to obtain, since they existed only on paper, probably moldering away in some obscure courthouse annex. Even if you collected a bunch of this data, putting it all together was a job in itself.

People whose attitudes date back to those days often say something like, “I have nothing to hide; why should I care?” They are often surprised at the amount of personal information that can be assembled via technical means. The development of the Internet and network connectivity in general has made it easy to access enormous amounts of data, and to categorize and correlate it automatically. Even supposedly “anonymized” data is not all that secure.

Bruce Schneier, security guru and author of several excellent books on security (including Applied Cryptography,Secrets and Lies, Beyond Fear, and his latest book, Liars and Outliers), as well as the Schneier on Security blog, has posted an excellent, thought provoking article on “Our Internet Surveillance State”. He begins the article, which appeared originally on the CNN site, with “three data points”: the identification of some Chinese military hackers, the identification (and subsequent arrest) of Hector Monsegur. a leader of the LulzSec hacker movement, and the disclosure of the affair between Paula Broadwell and former CIA Director Gen. David Petraeus. All three of these incidents were the direct result of Internet surveillance.

Schneier’s basic thesis is that we have arrived at a situation where Internet-based surveillance is nearly ubiquitous and almost impossible to evade.

This is ubiquitous surveillance: All of us being watched, all the time, and that data being stored forever. This is what a surveillance state looks like, and it’s efficient beyond the wildest dreams of George Orwell.

Many people are aware that their Internet activity can be tracked by using browser cookies, and I’ve written about the possibility of identifying individuals by the characteristics of their Web browser. And many sites that people routinely visit have links, not always obvious, to other sites. Those Facebook “Like” buttons that you see everywhere load data and scripts from Facebook’s servers, and provide a mechanism to track you — you don’t even need to click on the button. There are many methods by which you can be watched, and it is practically impossible to avoid them all, all of the time.

If you forget even once to enable your protections, or click on the wrong link, or type the wrong thing, and you’ve permanently attached your name to whatever anonymous service you’re using. Monsegur slipped up once, and the FBI got him. If the director of the CIA can’t maintain his privacy on the Internet, we’ve got no hope.

As Schneier also points out, this is not a problem that is likely to be solved by market forces. None of the collectors and users of surveillance data has any incentive, economic or otherwise, to change things.

Governments are happy to use the data corporations collect — occasionally demanding that they collect more and save it longer — to spy on us. And corporations are happy to buy data from governments.

The self-described “News for Nerds” site, Slashdot, has an interview with Randi, in which he answers questions submitted by readers, As one might expect, the discussion focuses on the work, by Randi and the Foundation, to combat irrational and magical thinking. It’s a brief but entertaining read. The page also contains comments from Slashdot readers, which are worth glancing through: there are some insightful ones, though there is, as usual, a lot of drek as well.

Like this:

The Free Software Foundation Europe [FSFE] has designated today, March 27, as Document Freedom Day [DFD] for 2013, to mark the importance of open standards for the exchange of documents and other information via the Internet.

It is a day for celebrating and raising awareness of Open Standards and formats which takes place on the last Wednesday in March each year. On this day people who believe in fair access to communications technology teach, perform, and demonstrate.

This year’s DFD is being sponsored by Google and openSUSE.

One of the key aims of DFD is to promote the use and promulgation of open standards for documents and other information. The DFD site gives the FSFE’s definition of an open standard; as the Wikipedia article on the subject suggests. there is a range of definitions from different organizations. The FSFE’s definition is fairly strict: essentially, it requires that a standard be open to assessment, implementation, and use without restrictions, and that a standard be defined by an open process, not controlled by any single party. That there is some considerable similarity between the concepts of open standards and open source software is, of course, not a coincidence.

As I have mentioned before, I am a fairly enthusiastic proponent of open source software, and I’m a fan of open standards, too. As I’ve already mentioned, there are several different definitions of open standards, and I think it is useful to realize that “openness” can be a matter of degree.

The standards for HTML (HyperText Markup Language, the language used to create Web pages), and for the C programming language, would meet most definitions as open standards. At the other extreme, Microsoft’s original definitions of documents for its Office product were not at all open: undocumented binary formats, entirely under the vendor’s control. The Portable Document Format [PDF] for text documents was originally defined by Adobe Systems, but the format definition was published; beginning in 1994, with the release of Adobe’s Acrobat 2.0 software, the viewing software (Acrobat Reader, now Adobe Reader) was available free. (PDF was officially released as an open standard on July 1, 2008, and published by the International Organization for Standardization as ISO 32000-1:2008.)

While, in an ideal world, one might have wished, prior to 2008, to have the PDF specification fully open, the situation was far better than having an entirely closed spec: it was possible to evaluate the PDF definition, and developers other than Adobe were able to develop software to work with PDF files. (I still use a small, fast program called xpdf to view PDF documents on my Linux PC. It lacks a good deal of functionality, compared to Adobe’s Reader, which I also use regularly, but it is much faster for routine, “let’s have a look at this” usage.)

I think that the principle of open standards is worth supporting, for the very practical reasons that the FSFE has identified; they enable you to

Collaborate and communicate with others, regardless of which software they are using

Upgrade or replace your apps and still be able to open and edit your old files

Choose which phone / tablet / computer you want to use without worrying about compatibility

Google today released a new major version, 26.0.1410.43, of its Chrome browser for Linux, Mac OS X, Windows, and Chrome Frame. This release incorporates fixes for 11 identified security vulnerabilities, two of which Google rates as High severity. The new version also includes some new features:

Because of the security content of this release, I recommend that you update your systems as soon as you conveniently can. Windows and Mac users can get the new version via the built-in update mechanism; Linux users should check their distribution’s repositories for the new version.

Update Tuesday, 26 March, 22:14 EDT

Ars Technica has an article on the new Chrome release; it has a useful description of some the new spell-checking features.

I’ve written here previously about Bletchley Park, the home during World War II of the UK Government Code and Cipher School, also known as Station X. The work of the cryptanalysts at Bletchley Park was responsible for the breaking of the German Enigma machine encryption on a large-scale basis, as well as the more difficult Lorenz cipher, used by Hitler to communicate with his field commanders. Some historians estimate that this work shortened the war in Europe by two or more years. The site is now run by the Bletchley Park Trust, and also houses the UK National Museum of Computing.

A project to restore the Bletchley Park facility, along with some of its specialized equipment, was launched a couple of years ago. I noted then that Google had taken an active role in supporting the project.

A recent post on the Official Google Blog describes some further developments in this relationship. The Bletchley Park Trust has become a member of the Google Cultural Institute, which features an online gallery of exhibits dealing with (relatively) recent history. The Bletchley Park exhibit has an overview of the work that was done at Station X. It includes images of the Bombe machines that were used to break the Enigma cipher on a production basis, and of Colossus, the electronic computer used, along with the Tunny Machine, in breaking the Lorenz cipher.

The blog post also has an interesting short video presentation by Ms. Jean Valentine, one of the original Bombe operators.

In her role operating the Bombe, Jean directly helped to decipher messages encoded by Enigma. In this film Jean gives us a firsthand account of life at Bletchley Park during the war, and demonstrates how the Bombe worked using a replica machine now on show at the museum.

Much of this history remained a closely-guarded secret for many years after the end of WWII. It’s fascinating to see how much truly creative work was done under very difficult conditions.

Only two things are infinite, the universe and human stupidity, and I’m not sure about the former.
— Albert Einstein

I’ve written here from time to time about some of the questionable expenditures made in the name of security; in one case, the US government paid several million dollars for software that, if it ever existed at all, did not produce anything like the promised results. In some cases, I think that the buyers are so focused on the security outcomes that they want that they lose sight of the need to verify extravagant claims for a product, or at least to ensure that the claimed performance is realistically plausible.

I’ve just been reminded of another instance of a large purchase of security snake oil. According to the C-Net news site, a British businessman named James McCormick is on trial at the Old Bailey (the Central Criminal Court) in London, on charges of fraud connected to the sale of supposed bomb-detecting equipment to a variety of government agencies. The prosecution alleges that McCormick sold a large number of his ADE detection devices for use in Iraq, at a price of approximately £ 27,000 [about $41,000] each. Units were also allegedly sold to the governments of Niger and Georgia, the former Soviet republic.

The claims that McCormick is alleged to have made for the devices, which supposedly worked by static electricity, are close to miraculous. According to an article in theDaily Mail,

He produced glossy brochures to trick potential investors into believing the devices could detect tiny amounts of explosive from three miles away, the Old Bailey heard.

He claimed they could detect explosives, drugs and ivory through walls, up to 30ft underground and 100ft underwater, jurors were told. They could also detect fluids and human beings.

Some skepticism has been expressed about these devices before. A 2009 article in theNew York Times discusses the use by Iraqi forces of bomb detectors described by the US military as “useless”. According to the article, at least some parts of the Iraqi government paid considerably more than the going rate for these gadgets.

Mr. Turaihi [Inspector General of the Interior Ministry] said Iraqi officials paid up to $60,000 apiece, when the wands could be purchased for as little as $18,500. He said he had begun an investigation into the no-bid contracts with ATSC.

Jim McCormick, the head of ATSC, based in London, did not return calls for comment.

That these devices did not entirely live up the the claims made for them will probably not surprise too many readers. But the aspect of this story that I find really remarkable is the original source of the devices. It appears that they are a slightly modified, and re-badged, version of a product sold in the US as a golf ball finder.

Mr Whittam [Prosecutor Richard Whittam, QC] showed the jury pictures of a golf ball finder and one of the devices the defendant allegedly sold. He told jurors they were practically identical ‘in terms of shape, size, weight and construction’.

He said: ‘In reality, save for the stickers, they were indistinguishable. What that means is that they came from the same mould. The golf ball finder had been rebadged as an ADE 101.’

Now you may well ask yourself how experienced military and security personnel could be taken in by this sort of (seemingly) obvious scam. I’m afraid I don’t have a good answer.

However, I think the most darkly amusing part of the whole story is this: the device, in its original incarnation as a golf ball finder, was pure snake oil. It was, apparently, sold on the Web at mnglobal.com. That site is no longer around, but the Internet Archive‘s Wayback Machine has a version of the page from 2006. The claims for its abilities in this sphere are also fairly extravagant (the UPPER CASE and spelling is from the original):

IT IS NOT COMUPTER DRIVEN, CONTAINS NO CHIPS OR ELECTRONICS. IT USES YOUR NATIVE ENERGY TO ENERGIZE ITS ACTION. PLEASE DON’T ASK US FOR THE THEORY OF ITS OPERATION THAT’S OUR BUSINESS AND THE MAIN REASON WE HAVE NOT APPLIED FOR PATENTS WHICH WOULD EXPOSE THE TECHNOLOGY.

The page also assures the prospective purchaser that the finder has “no moving parts to wear out”. And (I particularly like this), it “can be used by right or left-handed people.” After all, you wouldn’t want something that could just find right-handed golf balls.

Obviously, P.T. Barnum’s Law of Applied Economics is still in effect. I guess it’s good to know there are some things you can depend on.